CLAIMS

1. A system for enabling roaming of wireless clients among wireless access points
comprising a gateway in a wired network which comprises access points, the gateway 
having means to (a) receive session data requests from access points, the session data 
including a session key associated with each wireless client and an associated access 
point, (b) look up session data, and (c) send session data back to the requesting access 
points, the access points having means to send requests for session data from the gateway 
and means to receive session information setting commands from the gateway. 

2. The system of claim 1 wherein each access point has means to maintain a session key per
associated client. 

3. The system of claim 1 wherein the gateway has means to remove session information after
a wireless client becomes disassociated with an access point comprising sending a
command to the access point to remove the session information and/or to remove idle
wireless client entries after a predetermined period of inactivity.

4. The system of claim 1 having means to ensure that a connection between the gateway and
an access point is trusted.

5. The system of claim 4 wherein the means comprises physical security or encryption.

6. A method of enabling roaming of wireless clients among wireless access points in a
network comprising the steps of (a) providing a gateway in the network, sending session 
data requests from access points to the gateway, the session data including a session key 
associated with each wireless client and an associated access point, (b) looking up session 
data stored in the gateway, reporting session data failure if session data is not found, and 
(c) sending a session data response from the gateway to the access point if session data is 
found or is generated by the gateway. 

7. The method of claim 6 wherein an association request from a wireless station is received
by an access point and, after receiving a session data response from the gateway, the 
access point loads session data and sends the session data to the wireless client. 

8. The method of claim 6 wherein an association request from a wireless client is received by
an access point and, after receiving a session data failure response from the gateway, the 
access point generates session data, reports the generated session data to the gateway and 
sends an association response to the wireless client. 

9. The method of claim 6 comprising removing session information from the previously 
associated access point after a wireless client becomes associated with a new access point 
comprising the gateway sending a command to the previously associated access point to
remove the session information or automatically removing idle wireless client entries after
a predetermined period of inactivity.

10. The method of claim 6 wherein the gateway authenticates an access point to ensure that a 
connection between the gateway and the access point is trusted.

11. The method of claim 10 wherein the authentication is encrypted.

12. A computer readable medium containing instructions that, when executed by a processor 
in a gateway in a wired network which comprises access points, performs the steps of (a) 
receiving session data requests from access points to the gateway, the session data 
including a session key associated with each wireless client and an associated access
point, (b) looking up session data stored in the gateway, reporting session data failure if
session data is not found, and (c) sending a session data response from the gateway to the 
access point if session data is found or is generated by the gateway. 

13. A computer readable medium comprising instructions that, when executed by a processor
in a wireless access point in a network, performs the steps of receiving an association 
request from a wireless client and, after receiving a session data response from a gateway, 
loads session data and sends the session data to the wireless station, the session data 
including a session key associated with each wireless client and an associated access
point.

14. The computer readable medium of claim 13 wherein after receiving a session data failure
response from the gateway, performs the steps of generating session data, reporting the 
generated session data to the gateway and sending an association response to the wireless
station. 

15. The computer readable medium of claim 13 which performs the steps of removing session 
information from a previously associated access point after a wireless client becomes 
associated with a new access point, sending a command to the previously associated 
access point to remove the session information or automatically removing idle wireless 
client entries after a predetermined period of inactivity. 

16. The computer readable medium of claim 13, which performs the steps of authenticating an 
access point to ensure that a connection between the gateway and the access point is
trusted. 

17. The computer readable medium of claim 16 wherein the authentication is encrypted. 
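
The exchange recited in the claims above (session data request, failure response, report of generated session data, removal from the previously associated access point, idle expiry) can be modelled as follows. This is an added example, not code from the patent. The class and method names, the 16-byte key, and the use of an enrolment table in place of an authenticated, encrypted gateway link are all assumptions made for illustration.

```python
import secrets
import time

class Gateway:
    """Holds one record per wireless client: [session key, current AP, last seen]."""
    def __init__(self, idle_timeout=300.0, clock=time.monotonic):
        self.idle_timeout, self.clock = idle_timeout, clock
        self.aps = {}        # AP id -> AccessPoint; stands in for an authenticated link
        self.sessions = {}   # client id -> [session_key, ap_id, last_seen]

    def _check(self, ap_id):
        if ap_id not in self.aps:                 # only enrolled APs may ask for keys
            raise PermissionError(f"untrusted access point: {ap_id}")

    def request(self, ap_id, client):
        """Session data request. Returns the key, or None for 'session data failure'."""
        self._check(ap_id)
        self.expire_idle()
        rec = self.sessions.get(client)
        if rec is None:
            return None
        if rec[1] != ap_id:                       # client roamed: clear the old AP
            self.aps[rec[1]].remove_session(client)
        rec[1], rec[2] = ap_id, self.clock()
        return rec[0]

    def report(self, ap_id, client, key):
        """An AP reports session data it generated after a failure response."""
        self._check(ap_id)
        self.sessions[client] = [key, ap_id, self.clock()]

    def expire_idle(self):
        now = self.clock()
        for client, (_, ap_id, seen) in list(self.sessions.items()):
            if now - seen > self.idle_timeout:
                self.aps[ap_id].remove_session(client)
                del self.sessions[client]

class AccessPoint:
    def __init__(self, ap_id, gateway):
        self.ap_id, self.gateway, self.keys = ap_id, gateway, {}
        gateway.aps[ap_id] = self                 # constructed enrolment step

    def associate(self, client):
        key = self.gateway.request(self.ap_id, client)
        if key is None:                           # failure: generate and report
            key = secrets.token_bytes(16)
            self.gateway.report(self.ap_id, client, key)
        self.keys[client] = key
        return key

    def remove_session(self, client):
        self.keys.pop(client, None)
```

The gateway holds every client's session key in this model, so the trust requirement on the gateway-to-access-point connection is what keeps an unenrolled device from obtaining keys through a session data request.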



